Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
Dblhook detected a hard link for a file. The volume GUID and file ID are stored in the Data Window. This file will not be replicated.
|English: Request a translation of the event description in plain English.|
As an update to Peter Van Gils's comment, Symantec has given information to the effect that they will continue using hard links for the near future. This generally has no effect on replication as the hard links in question are not contained within a replication set, but the hard links should be checked to make sure.
Peter Van Gils
This event is reported by NSI DoubleTake. If used in combination with Symantec Antivirus this is normal. I sent this problem to NSI and this was their response: "There has been an increase in 16395 application event log messages. These errors relate to hard links. Even if the data is not being replicated as every I/O goes past the filter driver then Double Take reports any hard links whether to be replicated or not. Generally, they are not in the replication set and can be ignored. It seems that Symantec Antivirus is using hard links since their 10.1 version this is why we are seeing an increase. NSI currently have a TSA case open with Symantec to see if they will be removing hard links".
|Private comment: Subscribers only. See example of private comment|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated